using System;
using System.ComponentModel;
using System.Data;
using System.Web.Security;
using System.Web.Services;
using System.Web.Services.Protocols;
using DotNetNuke.Entities.Modules;
using DotNetNuke.Entities.Users;
using DotNetNuke.Services.Localization;

namespace Code5Systems.FormMaster.WebService
{

	[System.Web.Services.WebService(Namespace = "http://www.code5systems.com/formmaster")]
	[System.Web.Services.WebServiceBinding(ConformsTo = WsiProfiles.BasicProfile1_1)]
	[ToolboxItem(false)]
	public class FormData : System.Web.Services.WebService
	{
		
		[WebMethod(Description = "Get Posted Form Data from Form Master.")]
		public DataSet GetFormData(int PortalId, int TabId, string UserID, string Password, int FormDataID, string ModuleID, DateTime StartDate, DateTime EndDate)
		{
			
			AuthorizeRequest(PortalId, TabId, UserID, Password, ModuleID);
			
			DataSet ds = null;
			FormDataServiceBO oFormDataService = new FormDataServiceBO();
			
			ds = oFormDataService.GetFormPosts(FormDataID, ModuleID, StartDate, EndDate);
			
			return ds;
		}
		
		
		private void AuthorizeRequest(int portalId, int tabid, string userId, string password, string moduleIDs)
		{
			string modIds = string.Empty;
			FormSettings objFormSettings = default(FormSettings);
			string[] aryModId = moduleIDs.Split(',');
			
			foreach (string id in aryModId)
			{
				int intModId = int.Parse(id);
				objFormSettings = Utility.GetFormSettings(intModId);
				if (AuthorizeModule(portalId, tabid, objFormSettings, intModId, userId, password) == false)
				{
					throw (new SoapException(string.Format(Localization.GetString("WSAccessDenied", Utility.GetSharedResourceFile()), userId, id), new System.Xml.XmlQualifiedName()));
				}
			}
		}
		
		private bool AuthorizeModule(int portalId, int tabId, FormSettings settings, int moduleId, string userId, string password)
		{
			bool bIsAuthorized = false;
			
			//Verify that the user is allowed to accesss this page since since
			//we are out of the scope of the DNN Security system
			UserInfo objUser = default(UserInfo);
			
			UserController objUserCtl = new UserController();
			
			if (Membership.Provider.ValidateUser(userId, password))
			{
				ModuleController objModuleController = new ModuleController();
				
				objUser = UserController.GetUserByName(portalId, userId);
				
				if (objUser.IsSuperUser)
				{
					bIsAuthorized = true;
				}
				else
				{
					
					string strEditRoles = settings.WsAccessRoles + ",";
					
					DotNetNuke.Security.Roles.RoleController objRoleController = new DotNetNuke.Security.Roles.RoleController();
					
					string[] aryUserRoles = objRoleController.GetRolesByUser(objUser.UserID, portalId);
					
					if (aryUserRoles != null)
					{
						foreach (string role in aryUserRoles)
						{
							if (strEditRoles.IndexOf(role + ",") > -1)
							{
								bIsAuthorized = true;
								break;
							}
						}
					}
				}
			}
			
			return bIsAuthorized;
			
		}
		
	}
}
